Ransomware spotted in the wild posing as Microsoft !!!

[INDRANIL]

Guys and Girls here is a security update for you . Researchers from PandaLabs have spotted a Microsoft themed ransomware variant. It spreads over email and P2P.

Once you get infected (you can receive it in a number of different ways, most likely via spam messages and P2P), your computer is restarted. What for? Well, the malware installs itself to run every time your computer is started. And at the very beginning, just after you log in, it will show you the following screen:



Translated Text - your Microsoft Windows authenticity could not be verified, you need to have it fixed, which is just a 100€ payment. They give you the payment instructions and before saying goodbye they let you know that in case you don’t pay you’ll lose access to the computer and will lose all your data, as well as that the district attorney’s office has already your IP address and that you’ll be prosecuted in case you fail to pay the 100€ in 48 hours.

Unless the victim pays within 48 hours, the ransomware threatens to send their IP to the district attorney’s office citing piracy violations.

The unlock key for the ransomware currently detected as Ransom.AN is QRT5T5FJQE53BGXT9HHJW53YT

Stay safe friends . Have a nice time .

More & Source .

[Bluedot]

A scan with the new Kaspersky Rescue Disk would take less that 48 hours to get the old baby back in action, without a single cent.

[leofelix]

Interesting thank you INDRANIL.
I remember of another type of malware which worked in a similar way. Kaspersky provided some tools, but malware developers found the way to bypass the effectiveness those tools : they simply constantly changed tha code to unblock that malware.
From the article posted:

(you can receive it in a number of different ways, most likely via spam messages and P2P)

Right I do not use P2P software and I have an excellent free antispam (brain based), I wonder whether a malicious Java Script might be used to get infected

[Bearcat]

Thanks for the news Indra. Just what we need, another scam to screw up our computers.

[Raymond]

There's only one hardcoded key to unlock? I thought it was going to be polymorphic or something... :P

[INDRANIL]

Welcome friends . Yes leo they are continuously developing so av vendors need to be updated as well as we . O Yeah Ploymorphic variety would be best . Jocking .

[Swarup]

Interesting News

Thanks Indra

[Student26]

Right I do not use P2P software and I have an excellent free antispam (brain based)

Probably the best available.

[JayCub]

Thanks for the news Indra. Just what we need, another scam to screw up our computers.

I can screw up my computer with no help Bear

[Bearcat]

I can screw up my computer with no help Bear

Don't feel like the lone ranger Jay! Thats why I keep updated system images, just for those times...